Section: .. / 0702-exploits /
| /// File Name: |
NETRAGARD-20070220-1.txt |
Description:
|
Netragard, L.L.C Advisory - McAfee Virex contains an exploitable feature that enables users to define what files should be excluded for scanning. This feature relies on a configuration file with insecure privileges and is located in /Library/Application Support. Any user on the system can modify or delete the configuration file thus affecting what Virex will scan. Versions 7.7 and below are affected.
| | Author: | Kevin Finisterre | | Homepage: | http://www.netragard.com/html/recent_research.html | | File Size: | 8039 | | Last Modified: | Mar 6 05:20:27 2007 |
| MD5 Checksum: | 7a113c2b8adb0d5f52d1d955c4363497 |
|
| /// File Name: |
kiwicat-exec.txt |
Description:
|
Kiwi CatTools TFTP versions up to 3.2.8 suffer from information disclosure and remote code execution flaws.
| | Author: | Sergey Gordeychik | | Homepage: | http://www.ptsecurity.com/ | | File Size: | 1387 | | Last Modified: | Mar 6 05:17:28 2007 |
| MD5 Checksum: | fe9946d867abc56849eec4c61a5de1c2 |
|
| /// File Name: |
shoutcast-xss.txt |
Description:
|
Nullsoft ShoutcastServer version 1.9.7/Win32 suffers from a cross site scripting flaw.
| | Author: | SaMuschie | | File Size: | 1788 | | Last Modified: | Mar 6 05:14:07 2007 |
| MD5 Checksum: | 5b123c23812dd6500955a30ff0287cb1 |
|
| /// File Name: |
scip-2962.txt |
Description:
|
Wordpress version 2.1.1 suffers from multiple script injection vulnerabilities.
| | Homepage: | http://www.scip.ch/ | | File Size: | 4028 | | Last Modified: | Mar 6 05:10:21 2007 |
| MD5 Checksum: | d1d3b2ca1222938073e4984f72460183 |
|
| /// File Name: |
SA-20070226-0.txt |
Description:
|
SEC Consult Security Advisory 20070226-0 - The 3rd party module Pagesetter for PostNuke is susceptible to a local file inclusion vulnerability. Versions 6.2.0 and 6.3.0 beta 5 are affected.
| | Author: | D. Matscheko | | Homepage: | http://www.sec-consult.com | | File Size: | 1896 | | Last Modified: | Mar 6 01:51:48 2007 |
| MD5 Checksum: | 80f3f17ffa2c97e576a6821c1866f9a8 |
|
| /// File Name: |
unorg-sql.txt |
Description:
|
It appears that the un.org web site suffers from SQL injection vulnerabilities.
| | Author: | s0cratex | | File Size: | 743 | | Last Modified: | Feb 28 01:53:18 2007 |
| MD5 Checksum: | d60cbb057b860d20afc9500b8465f689 |
|
| /// File Name: |
sqllitemanager120-multi.txt |
Description:
|
SQLiteManager version 1.2.0 suffers from local file inclusion and multiple cross site scripting vulnerabilities.
| | Author: | Simon Bonnard | | File Size: | 1579 | | Last Modified: | Feb 28 01:47:52 2007 |
| MD5 Checksum: | f9ec290e820ad8915d572d66d43821bc |
|
| /// File Name: |
coppermine-blindsql.txt |
Description:
|
Coppermine Photo Gallery version 1.3.x blind SQL injection exploit.
| | Author: | s0cratex | | File Size: | 2204 | | Last Modified: | Feb 28 01:45:24 2007 |
| MD5 Checksum: | a455d05a88b89a11ba6a2296c29cffb3 |
|
| /// File Name: |
photostand120-xss.txt |
Description:
|
Photostand version 1.2.0 suffers from multiple cross site scripting vulnerabilities.
| | Author: | Simon Bonnard | | File Size: | 796 | | Last Modified: | Feb 28 01:43:23 2007 |
| MD5 Checksum: | 1df5510dadc3259613ea6b3ecc866c89 |
|
| /// File Name: |
activecal120-multi.txt |
Description:
|
ActiveCalendar version 1.2.0 suffers from cross site scripting and local file inclusion vulnerabilities.
| | Author: | Simon Bonnard | | File Size: | 574 | | Last Modified: | Feb 28 01:38:41 2007 |
| MD5 Checksum: | f8122376858f457b150dbad19ec59183 |
|
| /// File Name: |
pickle-lfi.txt |
Description:
|
Pickle suffers from a local file download vulnerability.
| | Author: | laurent gaffi | | File Size: | 150 | | Last Modified: | Feb 28 01:37:40 2007 |
| MD5 Checksum: | 823adf2f666230ceadf399608d885dd3 |
|
| /// File Name: |
sof-multi.txt |
Description:
|
Simple One-File Gallery suffers from local file inclusion and cross site scripting vulnerabilities.
| | Author: | laurent gaffi | | File Size: | 196 | | Last Modified: | Feb 28 01:35:00 2007 |
| MD5 Checksum: | 3822c65a6a3ada8839f41826ed25912f |
|
| /// File Name: |
sitex-multi.txt |
Description:
|
sitex suffers from upload and cross site scripting vulnerabilities.
| | Author: | laurent gaffi | | File Size: | 929 | | Last Modified: | Feb 28 01:33:36 2007 |
| MD5 Checksum: | 9706228a123398dec332f03115bb2779 |
|
| /// File Name: |
xtcommerce-lfi.txt |
Description:
|
xtcommerce suffers from a local file inclusion vulnerability.
| | Author: | laurent gaffi | | File Size: | 165 | | Last Modified: | Feb 24 04:06:11 2007 |
| MD5 Checksum: | 54491a12c6ec084136ae5078654e94f0 |
|
| /// File Name: |
shopkitplus-lfi.txt |
Description:
|
shopkitplus suffers from a local file inclusion vulnerability.
| | Author: | laurent gaffi | | File Size: | 213 | | Last Modified: | Feb 24 04:03:57 2007 |
| MD5 Checksum: | cf64e7219e80bfb09d781f7e051bb96a |
|
| /// File Name: |
zpanel.txt |
Description:
|
ZPanel suffers from a remote file inclusion vulnerability.
| | Author: | Hamid Ebadi | | Homepage: | http://www.bugtraq.ir/ | | File Size: | 1680 | | Last Modified: | Feb 24 03:55:51 2007 |
| MD5 Checksum: | b3a614a627f1cc00641e4edfc20ae2ef |
|
| /// File Name: |
spydir.c |
Description:
|
Exploit that demonstrates the vulnerability in ReadDirectoryChangesW() for Microsoft Windows 2000/XP/2003/Vista.
| | Author: | 3APA3A | | Homepage: | http://securityvulns.com/ | | Related File: | readirchange.txt | | File Size: | 2281 | | Related CVE(s): | CVE-2007-0843 | | Last Modified: | Feb 24 03:47:11 2007 |
| MD5 Checksum: | f7f6bf6fe0ea633cd5976b0a644ad70c |
|
| /// File Name: |
webspell40-multi.txt |
Description:
|
WebSpell versions greater than 4.0 suffer from authentication bypass and arbitrary code execution flaws.
| | Author: | Robin Verton | | File Size: | 1720 | | Last Modified: | Feb 24 03:33:14 2007 |
| MD5 Checksum: | a6d5965c0980c6edd14deac5f17706f0 |
|
| /// File Name: |
saphplesson30-sql.txt |
Description:
|
SaphpLesson version 3.0 suffers from a remote SQL injection vulnerability.
| | Author: | SwEET-DeViL, HaCKeR sUn | | File Size: | 1747 | | Last Modified: | Feb 24 03:28:10 2007 |
| MD5 Checksum: | 1d4c7171f12dd2a696976c27a73fdec1 |
|
| /// File Name: |
pheap.txt |
Description:
|
Pheap CMS suffers from a local file inclusion vulnerability that allows for the editing of the file.
| | Author: | laurent gaffi | | File Size: | 138 | | Last Modified: | Feb 24 03:25:25 2007 |
| MD5 Checksum: | 723592a21d57dd6e7ba731cd3e1611bd |
|
| /// File Name: |
lovecms14-multi.txt |
Description:
|
LoveCMS version 1.4 suffers from remote file inclusion, local file inclusion, upload, and cross site scripting vulnerabilities.
| | Author: | laurent gaffi | | File Size: | 423 | | Last Modified: | Feb 24 03:24:14 2007 |
| MD5 Checksum: | 794c87a701ed83cbf848253d244509b3 |
|
| /// File Name: |
plantilla.txt |
Description:
|
Plantilla PHP suffers from local file inclusion and arbitrary file upload vulnerabilities.
| | Author: | laurent gaffi | | File Size: | 190 | | Last Modified: | Feb 24 03:23:24 2007 |
| MD5 Checksum: | 73f4ea1c9dc8e4b78621b2278d20ac45 |
|
| /// File Name: |
jbrowser.txt |
Description:
|
It appears that JBrowser may allow arbitrary access to admin/config files.
| | Author: | sn0oPy | | File Size: | 457 | | Last Modified: | Feb 24 03:21:44 2007 |
| MD5 Checksum: | 76269815469d0ef8356da349250ddace |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
